CERT: SSH vulnerabilities.

Mark Street jet at sonic.net
Tue Dec 17 13:31:27 PST 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://www.kb.cert.org/vuls/id/389665#systems

Vulnerability Note VU#389665

Multiple vendors' SSH transport layer protocol implementations contain 
vulnerabilities in key exchange and initialization

Overview

Secure shell (SSH) transport layer protocol implementations from different 
vendors contain multiple vulnerabilities in code that handles key exchange 
and initialization. Both SSH servers and clients are affected. A remote 
attacker could execute arbitrary code with the privileges of the SSH process 
or cause a denial of service. 

- -- 
Mark Street, D.C.
Red Hat Certified Engineer
Cert# 807302251406074
- --
Key fingerprint = 3949 39E4 6317 7C3C 023E  2B1F 6FB3 06E7 D109 56C0
GPG key http://www.streetchiro.com/pubkey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9/5e2b7MG59EJVsARAq3xAKDC6q+6lgM2BDfecZI2Uhx3AQ/ODwCfaTk6
4et6paIm+xd6jGucHGR/r/Q=
=pbyQ
-----END PGP SIGNATURE-----



More information about the talk mailing list